10 Tell-Tale Signs that Spam Email is a Phishing Scam

Posted by Geraldine Hunt on Tue, Sep 12th, 2023

Email phishing scams are carried out online by tech-savvy scammers and identity theft criminals. They use spam emails, fake websites and email  to dupe users  into providing sensitive information, like banking passwords and credit card numbers. Once you take the phisher's bait, they use this information to create fake accounts to steal your money or even your identity. For businesses, phishing scams can lead to data breaches that result in the loss of confidential business data and customer information. With that, the financial ramifications of such breaches can be substantial.

Even large companies with extensive resources can be successfully targeted by phishers, as exemplified by the targeting of Acorn Financial Services in August 2022. The incident stemmed from a successful phishing attack, compromising an employee's email credentials. Exploiting this, hackers accessed a trove of sensitive customer data, including names, addresses, dates of birth, driver’s license numbers, financial details, and Social Security numbers. This incident highlights the severity of phishing attacks and the critical need for robust cybersecurity measures.

Tell-tale Signs of a Phishing Email:

1. Check Sender's Name

Without opening the email, look at the name of the sender. Does it EXACTLY match other emails from the same party? If not, it could be packing malware.

2.Confidential Data Requests

Be cautious if asked to reply with confidential data - A legitimate business will not ask you to furnish your username and/or password or to click a link to change your password. If an email requests banking information, be suspicious. Don’t fall for it.

3. Unrealistic Offers

Exercise skepticism when you are offered something valuable at little or no cost – The "Nigerian prince" scenario comes to mind. Or you have won some sweepstakes that you never entered. Remember that even if you know the sender, the sender’s address book could have been hijacked and used to disseminate phishing emails.

4. Threats and Urgent Demands

Be wary of emails threatening dire consequences if you don't comply:

• “Your computer has a virus” – This is a trick in email and website pop-up advertisements. You are asked to download a “security package” to combat the virus. Unfortunately, rogue security programs are one of the most common sources of malware infection. Ignore warnings about malware from any source except your verified antimalware program.
• The email asks for “urgent” or “immediate” action, particularly involving financial transaction - Confirm any such requests by telephone or, better yet, in person. Check with managers at your company before clicking on or replying to such emails.

5. Confidential or Private Requests

If the email purports to be a "Confidential" or "Private" request, be cautious. – The sender is trying to keep you from verifying the email with another party. Don’t believe it.

6. Exercise Caution with Attachments

If an email contains an attachment that purports to be an order confirmation or receipt, think twice – This approach is also used for supposed package shipment documents.  Think: have you ordered anything from that company? If so, do past emails have the same format and look? It is better in general to access information on an official website than to click links in an email or download an email attachment. In most cases it is possible to go to an official website to verify the email contents and get further information.

7. Check Document Extensions

Be cautious of an email that has an attachment with some non-standard document extension - attachments are a major source of infection. A standard document extension for Microsoft Office would be one ending in .docx , xlsx, or .pptx. These should be OK. But if the extension ends “m” (for macro), the document contains some embedded code that may execute when you open the document. Any Adobe Reader .pdf or zip file .zip document can contain malicious website links or malicious JavaScript files that could unleash a malware infection. The best advice is to check with the sender before downloading an attachment.

8. Tax Season Caution

Is it tax season? - During tax season there is a bump in spear phishing and telephone scams by “tax authorities” requesting financial information or providing tax “receipts” that are malware in disguise. Last year, the IRS identified an astonishing $5.7 billion in tax fraud schemes, which is more than double the amount reported in 2021.

In these instances, phishers may employ deceptive tactics to target an employee of a company into divulging their W-2 form. They achieve this by crafting an email that appears to originate from the company's HR department, urging the employee to return their W-2 form via email. If the employee falls for the scam, the attacker will attempt to file tax returns in the employees name, thereby stealing the victims’ tax refunds.

9. Verify Sender's Email Address

Ensure the sender's email address aligns with the email's contents - Does it make sense that an email from UPS would come from an address such as j.shi@jung.com? Probably not. How about from no.reply@up.s.com? Notice the periods. This is not from UPS, it is from up.s. The "from" address in an email can be faked. Do not assume that if it comes from a known address that it is legitimate.

10. Check for Awkward Wording

Check for awkward wording in the email – Does the content appear to be proper English (or whatever language it should be)? Check the tone and grammar. Does the email sound like it was translated from a foreign language? Then it could come from a non-native hacker.

What Do I Do if the Email is Suspicious?

If the message is suspicious, there are some steps you can take:

• Do not click on any links in the email.
• Hover your mouse over any links in the email. If you know what the real links should be, such as for a frequent customer or vendor, compare the real link to the link in the email.
• Google any companies, individuals, addresses, and phone numbers in the message. Look at more than the official company website; fake websites can be set up quickly.
• Do not use “reply” to answer a suspicious email from a known entity. Instead, create a new email and use the address in your address book, not from the received message.
• Tell other people in your company about the phishing email you received. Knowledge is power!
• What is the easiest way to check if an email represents phishing? Use another communication method such as the telephone or snail mail. But do not use the address or telephone numbers in the email. Google the real company website or obtain the real phone number from online white pages or yellow pages. Otherwise, you could be contacting the phishers!

While phishing techniques are getting more sophisticated, there are lots of  things users can do to avoid being phished.  IT pros need to ensure their organization deploys a powerful spam filter that scans inbound and outbound email, provides RBL blocking and pattern filtering. Spam filters vary in effectiveness and are only part of the solution to preventing intentionally malicious attacks — especially phishing emails. 

Are you an IT professional that wants to ensure your data and devices are protected? Take our Security Training Awareness Quiz